highsecurity
Debug Routes in Production
Finds test, debug, and mock API routes that should not exist in production.
Why This Is Bad
These pages are for testing only. If users find them, they might break your app or expose sensitive functionality.
How To Fix
Delete this file or wrap the logic in an environment check:
typescript
// Option 1: Delete the file entirely
// Option 2: Guard with environment check
if (process.env.NODE_ENV !== 'development') {
return new Response('Not Found', { status: 404 });
}When You Pass This Check
Great job! No debug routes found in your codebase.
Check If Your Repo Has This Issue
Our free scanner will detect this and 17 other common issues in your codebase.